Formalizing Real-World Threat Scenarios

Titel in Übersetzung: Formalisierung praxisnaher Bedrohungsszenarien

Veröffentlichungen: Beitrag in BuchBeitrag in KonferenzbandPeer Reviewed

Abstract

Using formal methods in threat analysis would be of great benefit to securing modern IT systems. To this end a strictly formal description of attacker-defender scenarios is vital. This paper demonstrates how attacker and defender behavior and its interrelationship can be defined using Markov decision processes and stochastic game theory. Based on these definitions, model checking methods can be applied to find quantitative answers to important questions relevant in threat analysis. A main focus lies on the applicability of the method to real-world situations. This is accomplished by incorporating information from several proven tactical and technical knowledge bases. Practicability of the method is shown by using the model checking tool PRISM-games.
Titel in ÜbersetzungFormalisierung praxisnaher Bedrohungsszenarien
OriginalspracheEnglisch
TitelICISSP 2022 - Proceedings of the 8th International Conference on Information Systems Security and Privacy
UntertitelICISSP 2022
Redakteure*innenPaolo Mori, Gabriele Lenzini, Steven Furnell
ErscheinungsortSetúbal
Herausgeber (Verlag)SciTePress
Seiten281-289
Seitenumfang9
ISBN (elektronisch)978-989-758-553-1
ISBN (Print)9789897585531
DOIs
PublikationsstatusVeröffentlicht - 9 Feb. 2022
Veranstaltung8th International Conference on Information Systems Security and Privacy - online, Unbekannt/undefiniert
Dauer: 9 Feb. 202211 Feb. 2022

Konferenz

Konferenz8th International Conference on Information Systems Security and Privacy
KurztitelICISSP 2022
Land/GebietUnbekannt/undefiniert
Zeitraum9/02/2211/02/22

ÖFOS 2012

  • 102016 IT-Sicherheit

Zitationsweisen